* [Buildroot] [PATCH 1/1] package/exim: ignore CVE-2022-30333
@ 2022-07-31 11:27 Bernd Kuhls
2022-08-01 7:27 ` Luca Ceresoli via buildroot
0 siblings, 1 reply; 2+ messages in thread
From: Bernd Kuhls @ 2022-07-31 11:27 UTC (permalink / raw)
To: buildroot; +Cc: Luca Ceresoli
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
package/exim/exim.mk | 2 ++
1 file changed, 2 insertions(+)
diff --git a/package/exim/exim.mk b/package/exim/exim.mk
index e0fcd83fb0..a54a39c815 100644
--- a/package/exim/exim.mk
+++ b/package/exim/exim.mk
@@ -10,6 +10,8 @@ EXIM_SITE = https://ftp.exim.org/pub/exim/exim4
EXIM_LICENSE = GPL-2.0+
EXIM_LICENSE_FILES = LICENCE
EXIM_CPE_ID_VENDOR = exim
+# fixed in version 4.94.2
+EXIM_IGNORE_CVES += CVE-2022-30333
EXIM_SELINUX_MODULES = exim mta
EXIM_DEPENDENCIES = host-berkeleydb host-pcre2 pcre2 berkeleydb host-pkgconf
--
2.30.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/exim: ignore CVE-2022-30333
2022-07-31 11:27 [Buildroot] [PATCH 1/1] package/exim: ignore CVE-2022-30333 Bernd Kuhls
@ 2022-08-01 7:27 ` Luca Ceresoli via buildroot
0 siblings, 0 replies; 2+ messages in thread
From: Luca Ceresoli via buildroot @ 2022-08-01 7:27 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
Hi Bernd,
On Sun, 31 Jul 2022 13:27:46 +0200
Bernd Kuhls <bernd.kuhls@t-online.de> wrote:
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ---
> package/exim/exim.mk | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/package/exim/exim.mk b/package/exim/exim.mk
> index e0fcd83fb0..a54a39c815 100644
> --- a/package/exim/exim.mk
> +++ b/package/exim/exim.mk
> @@ -10,6 +10,8 @@ EXIM_SITE = https://ftp.exim.org/pub/exim/exim4
> EXIM_LICENSE = GPL-2.0+
> EXIM_LICENSE_FILES = LICENCE
> EXIM_CPE_ID_VENDOR = exim
> +# fixed in version 4.94.2
> +EXIM_IGNORE_CVES += CVE-2022-30333
This CVE does not seem related to exim but rather to rarlab. Can you
either clarify what's going on or send a patch against rarlab?
Thank you!
--
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-01 7:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-07-31 11:27 [Buildroot] [PATCH 1/1] package/exim: ignore CVE-2022-30333 Bernd Kuhls
2022-08-01 7:27 ` Luca Ceresoli via buildroot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox